How to restrict ssh and ftp to certain ip address?

What is the easiest way to make it so that the only way anyone could access the ssh or ftp for my ubuntu machine is to be on a certain ip address?

1

2 Answers

Ubuntu Firewall (ufw).

See if Ubuntu Firewall is active:

$ sudo ufw status

If it's inactive, enable it:

$ sudo ufw enable

Allow SSH connections from a specific IP address:

$ sudo ufw allow from 123.123.123.123 to any port 22 proto tcp

Allow FTP connections

$ sudo ufw allow from 123.123.123.123 to any port 21 proto tcp

View firewall rules:

$ sudo ufw status

Delete above SSH rule:

$ sudo ufw delete allow from 123.123.123.123 to any port 22 proto tcp

Disable Ubuntu Firewall:

$ sudo ufw disable

5

The easiest way is using the firewall. DigitalOcean has a great tutorial on configuring ufw.

First make sure ufw is enabled, if not enable it:

sudo ufw status
sudo ufw enable

The relevant command for ssh/ftp from one address would be

sudo ufw allow from 15.15.15.15 to any port 22
sudo ufw allow from 15.15.15.15 to any port 21

Port 22 is the defaut for SSH, 21 is the default for FTP. You can replace 15.15.15.15 by either a subnet you want or a specific IP.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy